Описание
Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.2.7.1.dfsg-2ubuntu3.4 |
| devel | released | 1.4.11~dfsg-1 |
| edgy | released | 1.2.12.1.dfsg-1ubuntu1.4 |
| feisty | released | 1.2.16~dfsg-1ubuntu3.1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
6.4 Medium
CVSS2
Связанные уязвимости
Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length.
Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlie ...
Integer signedness error in format_jpeg.c in Asterisk 1.2.6 and earlier allows remote attackers to execute arbitrary code via a length value that passes a length check as a negative number, but triggers a buffer overflow when it is used as an unsigned length.
EPSS
6.4 Medium
CVSS2